PATH:
root
<?php session_start(); ob_start(); ?><!DOCTYPE html> <html lang="pl"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Instalacja WordPressa</title> </head> <body><?php $host = "https://pl.wordpress.org/latest-pl_PL.tar.gz"; $output_filename = "WordPress-latest-pl_PL.tar.gz"; // https://stackoverflow.com/questions/2021624/string-sanitizer-for-filename function filter_filename($filename, $beautify=true) { // sanitize filename $filename = preg_replace( '~ [<>:"/\\\|?*]| # file system reserved https://en.wikipedia.org/wiki/Filename#Reserved_characters_and_words [\x00-\x1F]| # control characters http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx [\x7F\xA0\xAD]| # non-printing characters DEL, NO-BREAK SPACE, SOFT HYPHEN [#\[\]@!$&\'()+,;=]| # URI reserved https://www.rfc-editor.org/rfc/rfc3986#section-2.2 [{}^\~`] # URL unsafe characters https://www.ietf.org/rfc/rfc1738.txt ~x', '-', $filename); // avoids ".", ".." or ".hiddenFiles" $filename = ltrim($filename, '.-'); // optional beautification if ($beautify) $filename = beautify_filename($filename); // maximize filename length to 255 bytes http://serverfault.com/a/9548/44086 $ext = pathinfo($filename, PATHINFO_EXTENSION); $filename = mb_strcut(pathinfo($filename, PATHINFO_FILENAME), 0, 255 - ($ext ? strlen($ext) + 1 : 0), mb_detect_encoding($filename)) . ($ext ? '.' . $ext : ''); return $filename; } function beautify_filename($filename) { // reduce consecutive characters $filename = preg_replace(array( // "file name.zip" becomes "file-name.zip" '/ +/', // "file___name.zip" becomes "file-name.zip" '/_+/', // "file---name.zip" becomes "file-name.zip" '/-+/' ), '-', $filename); $filename = preg_replace(array( // "file--.--.-.--name.zip" becomes "file.name.zip" '/-*\.-*/', // "file...name..zip" becomes "file.name.zip" '/\.{2,}/' ), '.', $filename); // lowercase for windows/unix interoperability http://support.microsoft.com/kb/100625 $filename = mb_strtolower($filename, mb_detect_encoding($filename)); // ".file-name.-" becomes "file-name" $filename = trim($filename, '.-'); return $filename; } // https://stackoverflow.com/questions/2602612/remote-file-size-without-downloading-file function curl_get_file_size($url) { // Assume failure. $result = -1; $curl = curl_init($url); // Issue a HEAD request and follow any redirects. curl_setopt($curl, CURLOPT_NOBODY, true); curl_setopt($curl, CURLOPT_HEADER, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); $data = curl_exec($curl); curl_close($curl); if ($data) { $content_length = "unknown"; $status = "unknown"; if (preg_match("/^HTTP\/\d(\.\d)? (\d\d\d)/", $data, $matches)) { $status = (int)$matches[2]; } if (preg_match("/Content-Length: (\d+)/i", $data, $matches)) { $content_length = (int)$matches[1]; } // http://en.wikipedia.org/wiki/List_of_HTTP_status_codes if ($status == 200 || ($status > 300 && $status <= 308)) { $result = $content_length; } } return $result; } function curl_get_file($url, $filename) { set_time_limit(0); // ob_flush(); // flush(); // $parsedUrl = parse_url($url); // $fp = fopen($filename, 'w'); // $ch = curl_init(); // curl_setopt($ch, CURLOPT_URL, $host); // curl_setopt($ch, CURLOPT_VERBOSE, 1); // curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // curl_setopt($ch, CURLOPT_AUTOREFERER, false); // curl_setopt($ch, CURLOPT_REFERER, $parsedUrl['scheme'] . "//" . $parsedUrl['host']); // curl_setopt($ch, CURLOPT_PROGRESSFUNCTION, 'progress'); // curl_setopt($ch, CURLOPT_NOPROGRESS, false); // needed to make progress function work // curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); // curl_setopt($ch, CURLOPT_HEADER, 0); // curl_setopt($ch, CURLOPT_FILE, $fp); // curl_setopt($ch, CURLOPT_TIMEOUT, 600); // curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // $result = curl_exec($ch); // var_dump(curl_error($ch)); // curl_close($ch); // fclose($fp); file_put_contents($filename, file_get_contents($url)); } function progress_download($resource, $download_size, $downloaded, $upload_size, $uploaded) { if ($download_size > 0) { echo $downloaded / $download_size * 100; } ob_flush(); flush(); sleep(1); // just to see effect } function progress_extract() { } function redirect($url = null, $js = false) { if (!$url) { $url = $_SERVER['REQUEST_URI']; } $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? 'https://' : 'http://'; $location = $protocol . $_SERVER['HTTP_HOST'] . $url; if ($js === true) { echo "<script>window.location.href = \"" . $location . "\";</script>"; } else { header('Location: ' . $location); } exit; } function shouldDownload($file) { if (!file_exists($file)) { $_SESSION['step'] = "download"; redirect(); } return true; } function checkFile($local, $remote) { shouldDownload($local); $localSize = filesize($local); $remoteSize = curl_get_file_size($remote); if ($localSize != $remoteSize) { $_SESSION['step'] = "download"; redirect(); } return true; } if ((isset($_SESSION['step']) && $_SESSION['step'] == "download") || (isset($_POST['step']) && $_POST['step'] == "download")) { echo "<p>Pobieram najnowszego WordPressa...</p>"; curl_get_file($host, $output_filename); $_SESSION['step'] = "prepare"; redirect(); } else if ((isset($_SESSION['step']) && $_SESSION['step'] == "prepare") || (isset($_POST['step']) && $_POST['step'] == "prepare")) { checkFile($output_filename, $host); if (isset($_POST['directory']) || $_POST['directory'] != '') { $_SESSION['directory'] = filter_filename($_POST['directory']); $_SESSION['step'] = "install"; unset($_SESSION['warning']); redirect(); } else $_SESSION['warning'] = "Podaj prawidłową nazwę folderu"; if (isset($_SESSION['warning']) && $_SESSION['warning'] != '') echo "<p>" . $_SESSION['warning'] . "</p>"; echo <<<HTML <form method="POST"> <input name="step" type="hidden" value="install" /> <label>Folder projektu: <input name="directory" type="text" /> </label> <button type="submit">Instaluj</button> </form> HTML; } else if ((isset($_SESSION['step']) && $_SESSION['step'] == "install") || (isset($_POST['step']) && $_POST['step'] == "install")) { echo "<p>Instaluję...</p>"; checkFile($output_filename, $host); $directory = filter_filename($_SESSION['directory']); if (!file_exists("__tmp__")) { mkdir("__tmp__"); } if (file_exists($directory)) { $_SESSION['step'] = "prepare"; redirect(); } $archive = new PharData($output_filename); $archive->extractTo("__tmp__", null, true); rename("__tmp__/wordpress", $directory); rmdir("__tmp__"); $fp = fopen($directory . "/.htaccess", "w"); fwrite($fp, ":Location /*.php\r\nUse php74\r\n:Location"); fclose($fp); $_SESSION['step'] = 'redirect'; redirect(); } else if ((isset($_SESSION['step']) && $_SESSION['step'] == "redirect") || (isset($_POST['step']) && $_POST['step'] == "redirect")) { checkFile($output_filename, $host); $directory = filter_filename($_SESSION['directory']); unset($_POST['warning']); unset($_POST['directory']); unset($_SESSION['step']); unset($_SESSION['warning']); unset($_SESSION['directory']); redirect(dirname($_SERVER['REQUEST_URI']) . "/" . $directory); } else { // check file checkFile($output_filename, $host); $_SESSION['step'] = "prepare"; redirect(); } ?> </body> </html><?php ob_end_flush();
[+]
ENIF
[+]
okf
[+]
alutechnik
[-] error500.html
[edit]
[-] .a.php_zablokowane
[edit]
[-] init.php
[edit]
[+]
..
[+]
tmp
[+]
fr2
[-] index.php.temp
[edit]
[+]
tapetowanie
[+]
quiz
[-] link-media-blocks.php
[edit]
[+]
wulkan
[+]
app
[+]
en-maciej.kaczka.com
[+]
en.maciej.kaczka.com
[-] WordPress-latest-pl_PL.tar.gz
[edit]
[+]
eko-technologie
[-] autoload.php
[edit]
[+]
tools
[-] .htaccess
[edit]
[+]
presta2
[+]
override
[+]
polmet2
[+]
mbm
[+]
.docker
[+]
ROOT-TEST
[-] logoKaczka.png
[edit]
[+]
presta
[+]
paleypartner
[+]
koziolek
[+]
cache
[+]
var
[-] XMLFeed.cache
[edit]
[-] images.inc.php
[edit]
[+]
polmet
[-] install-wordpress.php
[edit]
[-] archiwum.zip
[edit]
[+]
mails
[+]
install
![[edit]](?e=logoKaczka.png&p=%2F){kind=link}